nerdexam
Cisco

210-255 · Question #30

In VERIS, an incident is viewed as a series of events that adversely affects the information assets of an organization. Which option contains the elements that every event is comprised of according to

The correct answer is D. actors, actions, assets, attributes. VERIS models every security event using four core elements called the 4As: Actors, Actions, Assets, and Attributes.

Security Policies and Procedures

Question

In VERIS, an incident is viewed as a series of events that adversely affects the information assets of an organization. Which option contains the elements that every event is comprised of according to VERIS incident model'?

Options

  • Avictim demographics, incident description, incident details, discovery & response
  • Bvictim demographics, incident details, indicators of compromise, impact assessment
  • Cactors, attributes, impact, remediation
  • Dactors, actions, assets, attributes

How the community answered

(40 responses)
  • A
    3% (1)
  • B
    3% (1)
  • D
    95% (38)

Why each option

VERIS models every security event using four core elements called the 4As: Actors, Actions, Assets, and Attributes.

Avictim demographics, incident description, incident details, discovery & response

Victim demographics, incident description, incident details, and discovery and response describe sections of a VERIS incident record, not the four elements that comprise an individual event within that model.

Bvictim demographics, incident details, indicators of compromise, impact assessment

Indicators of compromise and impact assessment are analytical outputs used in incident response, but they are not defined elements within the VERIS 4A event model structure.

Cactors, attributes, impact, remediation

While actors and attributes partially overlap with VERIS concepts, 'remediation' is not one of the four core VERIS event elements, and 'actions' and 'assets' are absent from this option.

Dactors, actions, assets, attributesCorrect

VERIS (Vocabulary for Event Recording and Incident Sharing) defines its event model around four elements - Actors (who caused the event), Actions (what they did), Assets (what was affected), and Attributes (how the assets were affected) - providing a structured taxonomy for classifying and recording security incidents.

Concept tested: VERIS incident model four core event elements

Source: https://verisframework.org/4plus.html

Topics

#VERIS#incident model#actors actions assets#threat framework

Community Discussion

No community discussion yet for this question.

Full 210-255 Practice